nerdexam
Salesforce

BA-201 · Question #129

A Cloud Kicks business analyst (BA) is conducting user interviews with the support team as part of a migration to Salesforce. Several users indicate they use multi-factor authentication (MFA) on their

The correct answer is B. Ask the security team to confirm company policy.. Authentication methods are a security policy matter, not a user preference matter. When conflicting practices are uncovered during user interviews, the correct escalation path is to the security team, which owns and enforces company-wide authentication policy. The security team c

Elicit & Analyze

Question

A Cloud Kicks business analyst (BA) is conducting user interviews with the support team as part of a migration to Salesforce. Several users indicate they use multi-factor authentication (MFA) on their phones to log in to existing systems. Other users have indicated they access existing systems with only a username and password. How should the BA resolve the issue?

Options

  • ADetermine the most commonly used process.
  • BAsk the security team to confirm company policy.
  • CAsk executive leadership to make the decision.

How the community answered

(33 responses)
  • A
    12% (4)
  • B
    79% (26)
  • C
    9% (3)

Explanation

Authentication methods are a security policy matter, not a user preference matter. When conflicting practices are uncovered during user interviews, the correct escalation path is to the security team, which owns and enforces company-wide authentication policy. The security team can confirm whether MFA is mandatory, optional, or role-based - providing a single authoritative answer that governs the Salesforce implementation. Option A (determining the most commonly used process) would entrench an informal practice that may violate security policy. Option C (escalating to executive leadership) bypasses the subject matter experts who actually own this domain; executives are not the right decision-makers for authentication standards.

Topics

#Requirements Gathering#Stakeholder Identification#Security Policy#Authentication

Community Discussion

No community discussion yet for this question.

Full BA-201 Practice